US20140108655A1 - Load balancer bypass - Google Patents

Load balancer bypass Download PDF

Info

Publication number
US20140108655A1
US20140108655A1 US13/652,718 US201213652718A US2014108655A1 US 20140108655 A1 US20140108655 A1 US 20140108655A1 US 201213652718 A US201213652718 A US 201213652718A US 2014108655 A1 US2014108655 A1 US 2014108655A1
Authority
US
United States
Prior art keywords
source
destination
message
machine
address
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US13/652,718
Other versions
US9246998B2 (en
Inventor
Hemant Kumar
Parveen Kumar Patel
Deepak Bansal
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corp filed Critical Microsoft Corp
Priority to US13/652,718 priority Critical patent/US9246998B2/en
Assigned to MICROSOFT CORPORATION reassignment MICROSOFT CORPORATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BANSAL, DEEPAK, PATEL, PARVEEN KUMAR, KUMAR, HEMANT
Priority to PCT/US2013/065159 priority patent/WO2014062752A1/en
Priority to BR112015007738-2A priority patent/BR112015007738B1/en
Priority to CN201380054147.2A priority patent/CN104756466B/en
Priority to EP13785712.4A priority patent/EP2909999B1/en
Publication of US20140108655A1 publication Critical patent/US20140108655A1/en
Assigned to MICROSOFT TECHNOLOGY LICENSING, LLC reassignment MICROSOFT TECHNOLOGY LICENSING, LLC ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: MICROSOFT CORPORATION
Priority to US14/972,951 priority patent/US9826033B2/en
Publication of US9246998B2 publication Critical patent/US9246998B2/en
Application granted granted Critical
Active legal-status Critical Current
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/50Network services
    • H04L67/56Provisioning of proxy services
    • H04L67/563Data redirection of data network streams
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/1001Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
    • H04L67/1038Load balancing arrangements to avoid a single path through a load balancer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L61/00Network arrangements, protocols or services for addressing or naming
    • H04L61/09Mapping addresses
    • H04L61/25Mapping addresses of the same type
    • H04L61/2503Translation of Internet protocol [IP] addresses
    • H04L61/2521Translation architectures other than single NAT servers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L12/00Data switching networks
    • H04L12/54Store-and-forward switching systems 
    • H04L12/56Packet switching systems

Definitions

  • a load balancer allows multiple machines to be associated with a single virtual network address. Network messages that are addressed to the virtual network address are received by the load balancer, which decides which of multiple machines are to handle the network message. The load balancer then forwards the network message towards a destination intermediary. The destination intermediary then delivers the network message to the designated machine.
  • At least one embodiment described herein relates to bypassing a load balancer that initially appeared in a multi-message flow from a source machine served by a source intermediary and a destination machine served by a destination intermediary.
  • One or more original network messages (and perhaps just the first) of the flow arrive from the source intermediary at the load balancer.
  • the load balancer selects which machine is to send the message to, and it turns out selects the destination machine.
  • the load balancer then dispatches the network message to the destination intermediary that serves the destination machine.
  • the destination intermediary instructs the source intermediary to transmit subsequent messages in the flow to the destination machine in a manner that bypasses the load balancer.
  • the source intermediary may modify addressing of subsequent flow messages from the source machine such that they are rerouted to the destination machine without addressing the load balancer.
  • FIG. 1 abstractly illustrates a computing system in which some embodiments described herein may be employed
  • FIG. 2 abstractly illustrates a host computing system that hosts multiple virtual machines and provides access to physical resources through a hypervisor;
  • FIG. 3 abstractly illustrates a distributed environment in which three hosts are communicating, and in which a load balancer load balances across a virtual network address that may correspond to virtual machines on different hosts;
  • FIG. 4 illustrates a flowchart of a method for a source machine communicating a first exchange in a multi-message flow with a destination machine in a separate instruction embodiment
  • FIG. 5A illustrates a first half of a flowchart of a method for a source machine communicating a first exchange in a multi-message flow with a destination machine in an integrated response embodiment
  • FIG. 5B illustrates a second half of the flowchart of FIG. 5A ;
  • FIGS. 6A through 6G illustrate various example data structures of a network message in various stages of processing
  • FIG. 7 illustrates a flowchart of a method for delivering subsequent network messages associated with the same flow from the source machine to the destination machine.
  • the load balancer initially appears in a multi-message flow from a source machine served by a source intermediary and a destination machine served by a destination intermediary.
  • One or more original network messages (and perhaps just the first) of the flow arrive from the source intermediary at the load balancer.
  • the load balancer selects which machine is to handle the message, and it turns out selects the destination machine.
  • the load balancer then dispatches the network message to the destination intermediary that serves the destination machine.
  • the destination intermediary instructs the source intermediary to transmit subsequent messages in the flow in a manner that bypasses the load balancer.
  • the source intermediary may modify addressing of subsequent flow messages from the source machine such that they are rerouted to the destination machine without addressing the load balancer.
  • the network messages described herein may be Internet Protocol (IP) layer network messages
  • IP Internet Protocol
  • the source machine may operate in a cloud computing environment, in the public Internet, or in any other environment.
  • the destination machine may also operate in a cloud computing environment, in the public Internet, or in any other environment.
  • there may be any permutation of source and destination virtual machines including 1) both source and destination machines being virtual machines, 2) both source and destination machines being physical machines, 3) the source machine being a virtual machine and the destination machine being a physical machine, and 4) the source machine being a physical machine and the destination machine being a virtual machine.
  • FIG. 1 Some introductory discussion of a computing system will be described with respect to FIG. 1 . Then, the principles of operation of virtual machines will be described with respect to FIG. 2 . Subsequently, the principles of the bypass of a load balancer will be described with respect to FIG. 3 and successive figures.
  • Computing systems are now increasingly taking a wide variety of forms. Computing systems may, for example, be handheld devices, appliances, laptop computers, desktop computers, mainframes, distributed computing systems, or even devices that have not conventionally been considered a computing system.
  • the term “computing system” is defined broadly as including any device or system (or combination thereof) that includes at least one physical and tangible processor, and a physical and tangible memory capable of having thereon computer-executable instructions that may be executed by the processor.
  • the memory may take any form and may depend on the nature and form of the computing system.
  • a computing system may be distributed over a network environment and may include multiple constituent computing systems.
  • a computing system 100 typically includes at least one processing unit 102 and memory 104 .
  • the memory 104 may be physical system memory, which may be volatile, non-volatile, or some combination of the two.
  • the term “memory” may also be used herein to refer to non-volatile mass storage such as physical storage media. If the computing system is distributed, the processing, memory and/or storage capability may be distributed as well.
  • the term “module” or “component” can refer to software objects or routines that execute on the computing system. The different components, modules, engines, and services described herein may be implemented as objects or processes that execute on the computing system (e.g., as separate threads).
  • embodiments are described with reference to acts that are performed by one or more computing systems. If such acts are implemented in software, one or more processors of the associated computing system that performs the act direct the operation of the computing system in response to having executed computer-executable instructions.
  • such computer-executable instructions may be embodied on one or more computer-readable media that form a computer program product.
  • An example of such an operation involves the manipulation of data.
  • the computer-executable instructions (and the manipulated data) may be stored in the memory 104 of the computing system 100 .
  • Computing system 100 may also contain communication channels 108 that allow the computing system 100 to communicate with other message processors over, for example, network 110 .
  • Embodiments described herein may comprise or utilize a special purpose or general-purpose computer including computer hardware, such as, for example, one or more processors and system memory, as discussed in greater detail below.
  • Embodiments described herein also include physical and other computer-readable media for carrying or storing computer-executable instructions and/or data structures.
  • Such computer-readable media can be any available media that can be accessed by a general purpose or special purpose computer system.
  • Computer-readable media that store computer-executable instructions are physical storage media.
  • Computer-readable media that carry computer-executable instructions are transmission media.
  • embodiments of the invention can comprise at least two distinctly different kinds of computer-readable media: computer storage media and transmission media.
  • Computer storage media includes RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer.
  • a “network” is defined as one or more data links that enable the transport of electronic data between computer systems and/or modules and/or other electronic devices.
  • a network or another communications connection can include a network and/or data links which can be used to carry or desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer. Combinations of the above should also be included within the scope of computer-readable media.
  • program code means in the form of computer-executable instructions or data structures can be transferred automatically from transmission media to computer storage media (or vice versa).
  • computer-executable instructions or data structures received over a network or data link can be buffered in RAM within a network interface module (e.g., a “NIC”), and then eventually transferred to computer system RAM and/or to less volatile computer storage media at a computer system.
  • a network interface module e.g., a “NIC”
  • NIC network interface module
  • computer storage media can be included in computer system components that also (or even primarily) utilize transmission media.
  • Computer-executable instructions comprise, for example, instructions and data which, when executed at a processor, cause a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions.
  • the computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, or even source code.
  • the invention may be practiced in network computing environments with many types of computer system configurations, including, personal computers, desktop computers, laptop computers, message processors, hand-held devices, multi-processor systems, microprocessor-based or programmable consumer electronics, network PCs, minicomputers, mainframe computers, mobile telephones, PDAs, pagers, routers, switches, and the like.
  • the invention may also be practiced in distributed system environments where local and remote computer systems, which are linked (either by hardwired data links, wireless data links, or by a combination of hardwired and wireless data links) through a network, both perform tasks.
  • program modules may be located in both local and remote memory storage devices.
  • FIG. 2 abstractly illustrates a host 200 in further detail.
  • the host 200 is illustrated as operating three virtual machines 210 including virtual machines 210 A, 210 B and 210 C.
  • the ellipses 210 D once again represents that the principles described herein are not limited to the number of virtual machines running on the host 200 . There may be as few as zero virtual machines running on the host with the only upper limit being defined by the physical capabilities of the host 200 .
  • the virtual machines emulates a fully operational computing system including an at least an operating system, and perhaps one or more other applications as well.
  • Each virtual machine is assigned to a particular client, and is responsible to support the desktop environment for that client.
  • the virtual machine generates a desktop image or other rendering instructions that represent a current state of the desktop, and then transmits the image or instructions to the client for rendering of the desktop.
  • the user inputs are transmitted from the client to the virtual machine.
  • the virtual machine processes the user inputs and, if appropriate, changes the desktop state. If such change in desktop state is to cause a change in the rendered desktop, then the virtual machine alters the image or rendering instructions, if appropriate, and transmits the altered image or rendered instructions to the client computing system for appropriate rendering. From the prospective of the user, it is as though the client computing system is itself performing the desktop processing.
  • the host 200 includes a hypervisor 220 that emulates virtual resources for the virtual machines 210 using physical resources 221 that are abstracted from view of the virtual machines 210 .
  • the hypervisor 221 also provides proper isolation between the virtual machines 210 .
  • the hypervisor 220 provides the illusion that the virtual machine is interfacing with a physical resource, even though the virtual machine only interfaces with the appearance (e.g., a virtual resource) of a physical resource, and not with a physical resource directly.
  • the physical resources 221 are abstractly represented as including resources 221 A through 221 F. Examples of physical resources 221 including processing capacity, memory, disk space, network bandwidth, media drives, and so forth.
  • FIG. 3 illustrates a distributed system 300 that includes three intermediaries.
  • the communicating machines are virtual machines and thus, the three intermediaries are illustrated as being hypervisors within host computing systems 310 , 320 and 330 (hereinafter referred to simply as “hosts”).
  • hosts Each host 310 , 320 and 330 may be structured and operate as described above for the host 200 of FIG. 2 .
  • Each host has a hypervisor much as host 200 has hypervisor 220 .
  • hosts 310 , 320 and 330 have respective hypervisors 311 , 321 and 331 .
  • the hypervisor 311 might be replaced by another intermediary, such as a vmswitch, suitable for physical machines.
  • the hypervisor 321 might be replaced by a vmswitch.
  • the hypervisor 331 might also be replaced by a vmswitch. Accordingly, throughout the remainder of this description, where the terms “source virtual machine” and “source host” are referred to, these terms may be replaced by respective terms “source physical machine” and “source vmswitch”.
  • destination virtual machine and “destination host” are referred to, these terms may be replaced by respective terms “destination physical machine” and “destination vmswitch”. Nevertheless, the example of FIGS. 4 through 7 will proceed with the discussion of the exchange in the specific example of a virtual machine.
  • Each host has virtual machines running thereon much as host 200 has virtual machines 210 running thereon.
  • host 310 has running thereon virtual machines 312 , including virtual machine 312 A, 312 B and 312 C, although the ellipses 312 D represent flexibility in the number of virtual machines running on the host 310 .
  • Host 320 has running thereon virtual machines 322 , including virtual machine 322 A, 322 B and 322 C, although the ellipses 322 D represent flexibility in the number of virtual machines running on the host 320 .
  • Host 330 has running thereon virtual machines 332 , including virtual machine 332 A, 332 B and 332 C, although the ellipses 332 D represent flexibility in the number of virtual machines running on the host 330 .
  • Each virtual machine is addressable by a routable device identifier.
  • virtual machines 312 A, 312 B, 312 C, 322 A, 322 B, 322 C, 332 A, 332 B and 332 C are addressable by respective routable device identifiers 313 A, 313 B, 313 C, 323 A, 323 B, 323 C, 333 A, 333 B and 332 C.
  • the distributed system 300 also includes a load balancer 340 that gets traffic for virtual network address 341 .
  • the load balancer 340 is configured such that messages that are received by the load balancer 342 and that are addressed using the virtual network address 341 , are distributed to one of a group of virtual machines associated with the virtual network address. For instance, there are three virtual machines associated with the virtual network address 341 including virtual machine 322 B (as represented by association 351 ), virtual machine 322 A (as represented by association 352 ) and virtual machine 332 C (as represented by association 353 ).
  • the load balancer 340 performs load balancing by selecting one of the virtual machines 332 B, 332 A or 332 C to receive the message addressed to the virtual network, and dispatches the network message to that selected virtual machine.
  • the ellipses 342 represents that the load balancer 340 may perform this load balancing function for other virtual network addresses also, which virtual network address may be associated with a distinct set of one or more virtual machines.
  • the virtual network address includes a virtual Internet Protocol (IP) address.
  • IP Internet Protocol
  • virtual machine 312 A will be a source virtual machine for a particular message flow
  • source host 310 will be a source host for that message flow
  • virtual machine 322 A will be a destination virtual machine for that message flow
  • host 320 will be a destination host for that message flow.
  • the source host There are two embodiments of instructing the source host to bypass the load balancer.
  • One will be referred to as a “separate instruction” embodiment in which the destination host provides an instruction to bypass that is separate and apart from the response to the first source-side network message associated with the flow. This first embodiment may be helpful in cases in which, for example, there might not be a response to the source-side network message.
  • the second embodiment will be referred to as an “integrated response” embodiment in which the destination host provides bypass instructions within the response to the source-side network message.
  • FIG. 4 illustrates a flowchart of a method 400 for a source virtual machine on a source host communication a “first” exchange in a multi-message flow with a destination virtual machine hosted by a destination host.
  • FIG. 4 specifically addresses the separate instruction embodiment.
  • FIG. 5 illustrates a flowchart of a method that is similar to that of FIG. 4 , except that it addresses the integrated response embodiment.
  • the terms “first”, “second”, and so forth are not intended to imply an actually temporal ordering, but merely to distinguish one item from another.
  • the “first” exchange illustrated in FIG. 4 need not be the actual first exchange between the source virtual machine and the destination virtual machine, nor even the actual first exchange in a particular message flow. Nevertheless, the exchanges of FIGS. 4 and 5A and 5 B, occur before the subsequent message of FIG. 7 .
  • those acts that are performed by the source virtual machine are in the left column of FIGS. 4 and 5 under the header “SOURCE VM”.
  • those acts that are performed by the source host or hypervisor e.g., host 310 or hypervisor 311
  • the load balancer e.g., load balancer 340
  • those acts that are performed by the destination host or hypervisor are in the second to right column under the header “DESTINATION HOST”.
  • Those acts that are performed by the destination virtual machine are in the right column under the header “DESTINATION VM”.
  • the methods 400 and 500 will be described concurrently up to the point where the “separate instruction” and “integrated response” embodiments diverge.
  • the methods 400 and 500 begin with the source virtual machine generating a source-side network message (acts 401 and 501 ).
  • a “source-side” network message refers to a network message generated by the source virtual machine, hypervisor, or host; whereas a “destination-side” network message refers to a network message generated by the destination virtual machine, hypervisor, or host.
  • the destination address has a destination virtual network address that is routed through the load balancer, and a source address that includes a routable device identifier that addresses the source virtual machine.
  • the virtual network address and the routable device identifiers are network-level addresses. However, the principles described herein also apply to addresses at other layers of the protocol stack, such as the application-level.
  • the virtual network addresses are virtual Internet Protocol (IP) or (VIP) addresses
  • the routable device identifiers are Device IP (or DIP) addresses.
  • FIG. 6A illustrates example data structure of the source-side network message generated by the source virtual machine in acts 401 and 501 .
  • the network message includes the virtual IP address of the load balancer (VIP D ) as the destination address, as well as the routable device identifier of the source virtual machine (DIP S ) as the source address.
  • VIP D load balancer
  • DIP S routable device identifier of the source virtual machine
  • the source host e.g., the source hypervisor 311 intercepts the source-side network message (acts 402 and 502 ). The source host then dispatches the source-side network message (acts 403 and 503 ) without altering the source or destination addresses. This might involve some configuration to ensure that the source address does not undergo Network Address Translation (NAT) and thus remains unchanged.
  • NAT Network Address Translation
  • the source-side network message is routed through the network, and since the destination address is the virtual network address served by the load balancer, the load balancer receives the source-side network message (acts 404 and 504 ). For instance, referring to FIG. 3 , the load balancer 340 may receive a network message that included the virtual network address 341 as the destination address.
  • the load balancer selects one of the group of virtual machines associated with the virtual network address as being the destination virtual machine (acts 405 and 505 ). For instance, in FIG. 3 , virtual machines 322 B, 322 A and 332 C are associated with the virtual network address 341 . In the example, suppose that the load balancer 340 selects virtual machine 322 A as the destination virtual machine (and thus the host 320 would be the destination host).
  • the load balancer then augments the source-side network message to be from the load balancer to the selected destination virtual machine (acts 406 and 506 ).
  • This augmentation may be done by, for example, encapsulating the original message with an additional operative addressing header.
  • FIG. 6B shows the source-side network message which is the same as that of FIG. 6A , except that the encapsulating addressing layer (which will function to route the message) includes a destination address that includes the routable device identifier (e.g., DIP D ) that addresses the destination virtual machine (e.g., virtual machine 322 A), and that includes a source address that addresses the load balancer (e.g., MUX).
  • the routable device identifier e.g., DIP D
  • MUX source address that addresses the load balancer
  • the load balancer then dispatches the augmented source-side network message to the selected destination virtual machine (acts 407 and 507 ). For instance, the load balancer 340 may dispatch the augmented source-side network message illustrated in FIG. 6B to the destination virtual machine 322 A.
  • the destination host then receives the augmented source-side network message (acts 408 and 508 ), and accesses the pre-augmented version of the source-side network message (acts 409 and 509 ). For instance, in the context of the network message of FIG. 6B , the message may be decapsulated in order to arrive again at the message of FIG. 6A .
  • the destination host determines that the source host is to address subsequent network messages originated from the source virtual machine and associated with the same multi-message flow to the destination virtual machine in a manner that bypasses the load balancer (acts 410 and 510 ). For instance, the destination hypervisor 321 may have been previously instructed to cause redirection to happen for any flow from any source virtual machine that arrives via the load balancer.
  • the host then provides the redirection instruction to the source host.
  • the instruction is provided out-of-band from any response to the source-side network message.
  • the source-side network message is passed to the destination virtual machine (act 411 ).
  • the instruction message is dispatched from the destination host to the source host (act 412 ), which receives the instruction (act 413 ).
  • the instruction message is shown as being dispatched (act 412 ) after the source-side network message is passed (act 411 ) to the destination virtual machine, there is no timing dependency between those two acts.
  • the destination virtual machine receives the source-side network message (act 414 ), and if a response is to be generated, generates the response (act 415 ), and dispatches the destination-side network message (i.e., the response) to the source virtual machine (act 416 ).
  • the source virtual machine then receives the response (act 417 )
  • the destination host determines that the flow is to be redirected to bypass the load balancer.
  • the destination host or hypervisor modifies the source-side network message such that the destination address includes a routable device identifier that addresses the source virtual machine (act 511 ).
  • FIG. 6A illustrates the source-side network message that was extracted from the augmented source-side network message received from the load balancer.
  • FIG. 6C illustrates the source-side network message but in which the destination address changes from the virtual network address (VIP D ) of the load balancer to the routable device identifier (DIP D ) of the source virtual machine.
  • VIP D virtual network address
  • DIP D routable device identifier
  • the source host then passes the modified source-side network message to the destination virtual machine (act 512 ), which receives the modified-source side network message (act 513 ).
  • the destination virtual machine then generates a destination-side network message (act 514 ), which will be referred to hereinafter simply as “the response”.
  • FIG. 6D illustrates an example response to the source-side network message of FIG. 6C .
  • the source and destination addresses are reversed as is typical of any response.
  • the destination address includes the routable device identifier (DIP S ) that addresses the source virtual machine, and the source address is the routable device identifier (DIP D ) that addresses the destination virtual machine.
  • the destination host accesses (act 515 ) and modifies the response (act 516 ) so that the source address includes the virtual network address that addresses the load balancer.
  • FIG. 6E illustrates such a modified response.
  • the original response is encapsulated with an addressing header which again specifies the routable device identifier (DIP S ) as the destination address, but the virtual network address (VIP D ) of the load balancer as the source address.
  • the destination host then dispatches the augmented response to the source virtual machine (act 517 ).
  • the source host receives the augmented response (act 518 ), and extracts the original response from the response (act 519 ). For instance, in the case of the encapsulated response of FIG. 6E , the source host may decapsulate the response to obtain the originally generated response represented in FIG. 6D . The source host then modifies the original response so that the source address includes the destination virtual network address of the load balancer (act 520 ). The source host also notes the routable device identifier (e.g., DIP D ) of the destination virtual machine for modification described hereinafter associated with subsequent source-side network messages. As an example, FIG. 6F illustrates a modified response. The source host then dispatches the response (act 521 ), which is received by the source virtual machine (act 522 ).
  • the source host may decapsulate the response to obtain the originally generated response represented in FIG. 6D .
  • the source host modifies the original response so that the source address includes the destination virtual network address of the load balancer (act 520 ).
  • the source host
  • the source virtual machine From the perspective of the source virtual machine, the source virtual machine issued a message to the virtual network address, and received a response from the virtual network address.
  • the source host has been configured to redirect subsequent messages for the flow from the source host to bypass the load balancer.
  • the destination host might also return a normal response to the original source-side network message that does not include an instruction.
  • FIG. 6F again illustrates an example of such a response. Comparing to the original source-side network message of FIG. 6A , note that the source and destination addresses are reversed. Thus, even a source host that is not capable of responding to the instruction represented in FIG. 6E , will still recognize the response of FIG. 6F as being responsive. Thus, the principles described herein may be rolled out in a controlled fashion.
  • FIG. 7 illustrates a flowchart of a method 700 for delivering subsequent network messages associated with the same flow from the source virtual machine to the destination virtual machine.
  • the method 700 may be performed for each subsequent network message. From the perspective of the source and destination virtual machines, the redirection is not apparent.
  • the source virtual machine merely dispatch a second (or third, and so forth) source-side network message (act 701 ) that has a destination address that includes the destination virtual network address that addresses the load balancer, and that has a source address that includes a routable device identifier that addresses the source virtual machine.
  • act 701 may be structured as described in FIG. 6A , and thus act 701 may be the same as acts 401 and 501 of FIGS. 4 and 5 , respectively.
  • the source host then intercepts the subsequent source-side network message (act 702 ), and modifies the destination address of the network message so as to use the routable device identifier that addresses the destination virtual machine as a destination address.
  • FIG. 6G illustrates the network message in which there has been an encapsulation of an additional addressing structure.
  • the destination address remains the routable device identifier (DIP D ) of the destination virtual machine, but the source address is modified to be the routable device identifier (DIP S ) of the source virtual machine.
  • This modified message is dispatched (act 703 ), and does not reach the load balancer (since the virtual network address VIP D is not in the controlling destination address field). But rather, the message arrives at the destination host (act 704 ).
  • the destination host decapsulates the message to extract the original message issued by the source virtual machine (act 705 ), and passes that original message to the destination virtual machine (act 706 ).
  • the load balancer played no role in this delivery.
  • the principles described herein allow for much of the flow messages associated with a flow to be routed directly to the destination virtual machine, thus making delivery more efficient. Furthermore, this is done while allowing load balancing to be decided by a load balancer early in the flow. Thus, load balancing may still be applied to the flow generally. Furthermore, if the load balancer were to malfunction, the flow may continue.

Abstract

Bypassing a load balancer that initially appeared in a multi-message flow from a source machine served by a source intermediary and a target machine served on a target intermediary. One or more original network messages (and perhaps just the first) of the flow arrive from the source intermediary at the load balancer, which selects which machine is to be a destination machine, and it turns out selects the destination machine serviced by the destination intermediary. In response to receiving this message, the destination intermediary instructs the source intermediary to transmit subsequent messages in the flow in a manner that bypasses the load balancer. To facilitate this, the source intermediary may modify addressing of subsequent flow messages from the source machine such that they are rerouted to the destination machine without addressing the load balancer.

Description

    BACKGROUND
  • A load balancer allows multiple machines to be associated with a single virtual network address. Network messages that are addressed to the virtual network address are received by the load balancer, which decides which of multiple machines are to handle the network message. The load balancer then forwards the network message towards a destination intermediary. The destination intermediary then delivers the network message to the designated machine.
  • BRIEF SUMMARY
  • At least one embodiment described herein relates to bypassing a load balancer that initially appeared in a multi-message flow from a source machine served by a source intermediary and a destination machine served by a destination intermediary. One or more original network messages (and perhaps just the first) of the flow arrive from the source intermediary at the load balancer. The load balancer selects which machine is to send the message to, and it turns out selects the destination machine. The load balancer then dispatches the network message to the destination intermediary that serves the destination machine. In response to receiving this message, the destination intermediary instructs the source intermediary to transmit subsequent messages in the flow to the destination machine in a manner that bypasses the load balancer. To facilitate this, the source intermediary may modify addressing of subsequent flow messages from the source machine such that they are rerouted to the destination machine without addressing the load balancer.
  • This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used as an aid in determining the scope of the claimed subject matter.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • In order to describe the manner in which the above-recited and other advantages and features can be obtained, a more particular description of various embodiments will be rendered by reference to the appended drawings. Understanding that these drawings depict only sample embodiments and are not therefore to be considered to be limiting of the scope of the invention, the embodiments will be described and explained with additional specificity and detail through the use of the accompanying drawings in which:
  • FIG. 1 abstractly illustrates a computing system in which some embodiments described herein may be employed;
  • FIG. 2 abstractly illustrates a host computing system that hosts multiple virtual machines and provides access to physical resources through a hypervisor;
  • FIG. 3 abstractly illustrates a distributed environment in which three hosts are communicating, and in which a load balancer load balances across a virtual network address that may correspond to virtual machines on different hosts;
  • FIG. 4 illustrates a flowchart of a method for a source machine communicating a first exchange in a multi-message flow with a destination machine in a separate instruction embodiment;
  • FIG. 5A illustrates a first half of a flowchart of a method for a source machine communicating a first exchange in a multi-message flow with a destination machine in an integrated response embodiment;
  • FIG. 5B illustrates a second half of the flowchart of FIG. 5A;
  • FIGS. 6A through 6G illustrate various example data structures of a network message in various stages of processing; and
  • FIG. 7 illustrates a flowchart of a method for delivering subsequent network messages associated with the same flow from the source machine to the destination machine.
  • DETAILED DESCRIPTION
  • In accordance with embodiments described herein, the bypassing of a load balancer is described. The load balancer initially appears in a multi-message flow from a source machine served by a source intermediary and a destination machine served by a destination intermediary.
  • One or more original network messages (and perhaps just the first) of the flow arrive from the source intermediary at the load balancer. The load balancer selects which machine is to handle the message, and it turns out selects the destination machine. The load balancer then dispatches the network message to the destination intermediary that serves the destination machine. In response to receiving this message, the destination intermediary instructs the source intermediary to transmit subsequent messages in the flow in a manner that bypasses the load balancer. To facilitate this, the source intermediary may modify addressing of subsequent flow messages from the source machine such that they are rerouted to the destination machine without addressing the load balancer.
  • While the network messages described herein may be Internet Protocol (IP) layer network messages, the network messages may occur higher that this layer in the protocol stack, and may even be application-layer network messages. The source machine may operate in a cloud computing environment, in the public Internet, or in any other environment. Likewise, the destination machine may also operate in a cloud computing environment, in the public Internet, or in any other environment. Furthermore, there may be any permutation of source and destination virtual machines including 1) both source and destination machines being virtual machines, 2) both source and destination machines being physical machines, 3) the source machine being a virtual machine and the destination machine being a physical machine, and 4) the source machine being a physical machine and the destination machine being a virtual machine.
  • Some introductory discussion of a computing system will be described with respect to FIG. 1. Then, the principles of operation of virtual machines will be described with respect to FIG. 2. Subsequently, the principles of the bypass of a load balancer will be described with respect to FIG. 3 and successive figures.
  • Computing systems are now increasingly taking a wide variety of forms. Computing systems may, for example, be handheld devices, appliances, laptop computers, desktop computers, mainframes, distributed computing systems, or even devices that have not conventionally been considered a computing system. In this description and in the claims, the term “computing system” is defined broadly as including any device or system (or combination thereof) that includes at least one physical and tangible processor, and a physical and tangible memory capable of having thereon computer-executable instructions that may be executed by the processor. The memory may take any form and may depend on the nature and form of the computing system. A computing system may be distributed over a network environment and may include multiple constituent computing systems.
  • As illustrated in FIG. 1, in its most basic configuration, a computing system 100 typically includes at least one processing unit 102 and memory 104. The memory 104 may be physical system memory, which may be volatile, non-volatile, or some combination of the two. The term “memory” may also be used herein to refer to non-volatile mass storage such as physical storage media. If the computing system is distributed, the processing, memory and/or storage capability may be distributed as well. As used herein, the term “module” or “component” can refer to software objects or routines that execute on the computing system. The different components, modules, engines, and services described herein may be implemented as objects or processes that execute on the computing system (e.g., as separate threads).
  • In the description that follows, embodiments are described with reference to acts that are performed by one or more computing systems. If such acts are implemented in software, one or more processors of the associated computing system that performs the act direct the operation of the computing system in response to having executed computer-executable instructions. For example, such computer-executable instructions may be embodied on one or more computer-readable media that form a computer program product. An example of such an operation involves the manipulation of data. The computer-executable instructions (and the manipulated data) may be stored in the memory 104 of the computing system 100. Computing system 100 may also contain communication channels 108 that allow the computing system 100 to communicate with other message processors over, for example, network 110.
  • Embodiments described herein may comprise or utilize a special purpose or general-purpose computer including computer hardware, such as, for example, one or more processors and system memory, as discussed in greater detail below. Embodiments described herein also include physical and other computer-readable media for carrying or storing computer-executable instructions and/or data structures. Such computer-readable media can be any available media that can be accessed by a general purpose or special purpose computer system. Computer-readable media that store computer-executable instructions are physical storage media. Computer-readable media that carry computer-executable instructions are transmission media. Thus, by way of example, and not limitation, embodiments of the invention can comprise at least two distinctly different kinds of computer-readable media: computer storage media and transmission media.
  • Computer storage media includes RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer.
  • A “network” is defined as one or more data links that enable the transport of electronic data between computer systems and/or modules and/or other electronic devices. When information is transferred or provided over a network or another communications connection (either hardwired, wireless, or a combination of hardwired or wireless) to a computer, the computer properly views the connection as a transmission medium. Transmissions media can include a network and/or data links which can be used to carry or desired program code means in the form of computer-executable instructions or data structures and which can be accessed by a general purpose or special purpose computer. Combinations of the above should also be included within the scope of computer-readable media.
  • Further, upon reaching various computer system components, program code means in the form of computer-executable instructions or data structures can be transferred automatically from transmission media to computer storage media (or vice versa). For example, computer-executable instructions or data structures received over a network or data link can be buffered in RAM within a network interface module (e.g., a “NIC”), and then eventually transferred to computer system RAM and/or to less volatile computer storage media at a computer system. Thus, it should be understood that computer storage media can be included in computer system components that also (or even primarily) utilize transmission media.
  • Computer-executable instructions comprise, for example, instructions and data which, when executed at a processor, cause a general purpose computer, special purpose computer, or special purpose processing device to perform a certain function or group of functions. The computer executable instructions may be, for example, binaries, intermediate format instructions such as assembly language, or even source code. Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the described features or acts described above. Rather, the described features and acts are disclosed as example forms of implementing the claims.
  • Those skilled in the art will appreciate that the invention may be practiced in network computing environments with many types of computer system configurations, including, personal computers, desktop computers, laptop computers, message processors, hand-held devices, multi-processor systems, microprocessor-based or programmable consumer electronics, network PCs, minicomputers, mainframe computers, mobile telephones, PDAs, pagers, routers, switches, and the like. The invention may also be practiced in distributed system environments where local and remote computer systems, which are linked (either by hardwired data links, wireless data links, or by a combination of hardwired and wireless data links) through a network, both perform tasks. In a distributed system environment, program modules may be located in both local and remote memory storage devices.
  • Having described a physical computing system (or physical machine) with respect to FIG. 1, the concept of a virtual computing system (or virtual machine) will now be described. One type of physical computing system is termed a host computing system (or simply “host”). Each host is capable of running one or more, and potentially many, virtual machines. For instance, FIG. 2 abstractly illustrates a host 200 in further detail. In the case of FIG. 2, the host 200 is illustrated as operating three virtual machines 210 including virtual machines 210A, 210B and 210C. However, the ellipses 210D once again represents that the principles described herein are not limited to the number of virtual machines running on the host 200. There may be as few as zero virtual machines running on the host with the only upper limit being defined by the physical capabilities of the host 200.
  • During operation, the virtual machines emulates a fully operational computing system including an at least an operating system, and perhaps one or more other applications as well. Each virtual machine is assigned to a particular client, and is responsible to support the desktop environment for that client.
  • The virtual machine generates a desktop image or other rendering instructions that represent a current state of the desktop, and then transmits the image or instructions to the client for rendering of the desktop. As the user interacts with the desktop at the client, the user inputs are transmitted from the client to the virtual machine. The virtual machine processes the user inputs and, if appropriate, changes the desktop state. If such change in desktop state is to cause a change in the rendered desktop, then the virtual machine alters the image or rendering instructions, if appropriate, and transmits the altered image or rendered instructions to the client computing system for appropriate rendering. From the prospective of the user, it is as though the client computing system is itself performing the desktop processing.
  • The host 200 includes a hypervisor 220 that emulates virtual resources for the virtual machines 210 using physical resources 221 that are abstracted from view of the virtual machines 210. The hypervisor 221 also provides proper isolation between the virtual machines 210. Thus, from the perspective of any given virtual machine, the hypervisor 220 provides the illusion that the virtual machine is interfacing with a physical resource, even though the virtual machine only interfaces with the appearance (e.g., a virtual resource) of a physical resource, and not with a physical resource directly. In FIG. 2, the physical resources 221 are abstractly represented as including resources 221A through 221F. Examples of physical resources 221 including processing capacity, memory, disk space, network bandwidth, media drives, and so forth.
  • FIG. 3 illustrates a distributed system 300 that includes three intermediaries. In the case of FIG. 3, the communicating machines are virtual machines and thus, the three intermediaries are illustrated as being hypervisors within host computing systems 310, 320 and 330 (hereinafter referred to simply as “hosts”). Each host 310, 320 and 330 may be structured and operate as described above for the host 200 of FIG. 2. Each host has a hypervisor much as host 200 has hypervisor 220. For instances, hosts 310, 320 and 330 have respective hypervisors 311, 321 and 331.
  • Alternatively, if the virtual machines 312 were instead physical machines, the hypervisor 311 might be replaced by another intermediary, such as a vmswitch, suitable for physical machines. Likewise, if the virtual machines 322 were instead physical machines, the hypervisor 321 might be replaced by a vmswitch. Furthermore, if the virtual machines 332 were instead physical machines, the hypervisor 331 might also be replaced by a vmswitch. Accordingly, throughout the remainder of this description, where the terms “source virtual machine” and “source host” are referred to, these terms may be replaced by respective terms “source physical machine” and “source vmswitch”. Likewise, where the terms “destination virtual machine” and “destination host” are referred to, these terms may be replaced by respective terms “destination physical machine” and “destination vmswitch”. Nevertheless, the example of FIGS. 4 through 7 will proceed with the discussion of the exchange in the specific example of a virtual machine.
  • Each host has virtual machines running thereon much as host 200 has virtual machines 210 running thereon. For instance, host 310 has running thereon virtual machines 312, including virtual machine 312A, 312B and 312C, although the ellipses 312D represent flexibility in the number of virtual machines running on the host 310. Host 320 has running thereon virtual machines 322, including virtual machine 322A, 322B and 322C, although the ellipses 322D represent flexibility in the number of virtual machines running on the host 320. Host 330 has running thereon virtual machines 332, including virtual machine 332A, 332B and 332C, although the ellipses 332D represent flexibility in the number of virtual machines running on the host 330. Each virtual machine is addressable by a routable device identifier. For instance, virtual machines 312A, 312B, 312C, 322A, 322B, 322C, 332A, 332B and 332C are addressable by respective routable device identifiers 313A, 313B, 313C, 323A, 323B, 323C, 333A, 333B and 332C.
  • The distributed system 300 also includes a load balancer 340 that gets traffic for virtual network address 341. The load balancer 340 is configured such that messages that are received by the load balancer 342 and that are addressed using the virtual network address 341, are distributed to one of a group of virtual machines associated with the virtual network address. For instance, there are three virtual machines associated with the virtual network address 341 including virtual machine 322B (as represented by association 351), virtual machine 322A (as represented by association 352) and virtual machine 332C (as represented by association 353).
  • The load balancer 340 performs load balancing by selecting one of the virtual machines 332B, 332A or 332C to receive the message addressed to the virtual network, and dispatches the network message to that selected virtual machine. The ellipses 342 represents that the load balancer 340 may perform this load balancing function for other virtual network addresses also, which virtual network address may be associated with a distinct set of one or more virtual machines. The virtual network address includes a virtual Internet Protocol (IP) address. In the examples addressed below, virtual machine 312A will be a source virtual machine for a particular message flow, source host 310 will be a source host for that message flow, virtual machine 322A will be a destination virtual machine for that message flow, and host 320 will be a destination host for that message flow.
  • There are two embodiments of instructing the source host to bypass the load balancer. One will be referred to as a “separate instruction” embodiment in which the destination host provides an instruction to bypass that is separate and apart from the response to the first source-side network message associated with the flow. This first embodiment may be helpful in cases in which, for example, there might not be a response to the source-side network message. The second embodiment will be referred to as an “integrated response” embodiment in which the destination host provides bypass instructions within the response to the source-side network message.
  • FIG. 4 illustrates a flowchart of a method 400 for a source virtual machine on a source host communication a “first” exchange in a multi-message flow with a destination virtual machine hosted by a destination host. FIG. 4 specifically addresses the separate instruction embodiment. FIG. 5 illustrates a flowchart of a method that is similar to that of FIG. 4, except that it addresses the integrated response embodiment. In this description and in the claims, the terms “first”, “second”, and so forth are not intended to imply an actually temporal ordering, but merely to distinguish one item from another. For instance, the “first” exchange illustrated in FIG. 4 need not be the actual first exchange between the source virtual machine and the destination virtual machine, nor even the actual first exchange in a particular message flow. Nevertheless, the exchanges of FIGS. 4 and 5A and 5B, occur before the subsequent message of FIG. 7.
  • In FIG. 4 and FIGS. 5A and 5B, those acts that are performed by the source virtual machine (e.g., source virtual machine 312A) are in the left column of FIGS. 4 and 5 under the header “SOURCE VM”. Those acts that are performed by the source host or hypervisor (e.g., host 310 or hypervisor 311) are in the second to left column under the header “SOURCE HOST”. Those acts that are performed by the load balancer (e.g., load balancer 340) are in the middle column under the header “LB”. Those acts that are performed by the destination host or hypervisor (e.g., host 320 or hypervisor 321) are in the second to right column under the header “DESTINATION HOST”. Those acts that are performed by the destination virtual machine (e.g., destination virtual machine 322A) are in the right column under the header “DESTINATION VM”. The methods 400 and 500 will be described concurrently up to the point where the “separate instruction” and “integrated response” embodiments diverge.
  • The methods 400 and 500 begin with the source virtual machine generating a source-side network message (acts 401 and 501). In this description and in the claims a “source-side” network message refers to a network message generated by the source virtual machine, hypervisor, or host; whereas a “destination-side” network message refers to a network message generated by the destination virtual machine, hypervisor, or host.
  • The destination address has a destination virtual network address that is routed through the load balancer, and a source address that includes a routable device identifier that addresses the source virtual machine. In the embodiments described herein, the virtual network address and the routable device identifiers are network-level addresses. However, the principles described herein also apply to addresses at other layers of the protocol stack, such as the application-level. In the embodiments described further below, the virtual network addresses are virtual Internet Protocol (IP) or (VIP) addresses, and the routable device identifiers are Device IP (or DIP) addresses.
  • FIG. 6A illustrates example data structure of the source-side network message generated by the source virtual machine in acts 401 and 501. In addition to data and a TCP/IP header, the network message includes the virtual IP address of the load balancer (VIPD) as the destination address, as well as the routable device identifier of the source virtual machine (DIPS) as the source address.
  • The source host (e.g., the source hypervisor 311) intercepts the source-side network message (acts 402 and 502). The source host then dispatches the source-side network message (acts 403 and 503) without altering the source or destination addresses. This might involve some configuration to ensure that the source address does not undergo Network Address Translation (NAT) and thus remains unchanged.
  • The source-side network message is routed through the network, and since the destination address is the virtual network address served by the load balancer, the load balancer receives the source-side network message (acts 404 and 504). For instance, referring to FIG. 3, the load balancer 340 may receive a network message that included the virtual network address 341 as the destination address.
  • The load balancer then selects one of the group of virtual machines associated with the virtual network address as being the destination virtual machine (acts 405 and 505). For instance, in FIG. 3, virtual machines 322B, 322A and 332C are associated with the virtual network address 341. In the example, suppose that the load balancer 340 selects virtual machine 322A as the destination virtual machine (and thus the host 320 would be the destination host).
  • The load balancer then augments the source-side network message to be from the load balancer to the selected destination virtual machine (acts 406 and 506). This augmentation may be done by, for example, encapsulating the original message with an additional operative addressing header. For instance, FIG. 6B shows the source-side network message which is the same as that of FIG. 6A, except that the encapsulating addressing layer (which will function to route the message) includes a destination address that includes the routable device identifier (e.g., DIPD) that addresses the destination virtual machine (e.g., virtual machine 322A), and that includes a source address that addresses the load balancer (e.g., MUX).
  • The load balancer then dispatches the augmented source-side network message to the selected destination virtual machine (acts 407 and 507). For instance, the load balancer 340 may dispatch the augmented source-side network message illustrated in FIG. 6B to the destination virtual machine 322A.
  • The destination host then receives the augmented source-side network message (acts 408 and 508), and accesses the pre-augmented version of the source-side network message (acts 409 and 509). For instance, in the context of the network message of FIG. 6B, the message may be decapsulated in order to arrive again at the message of FIG. 6A.
  • The destination host then determines that the source host is to address subsequent network messages originated from the source virtual machine and associated with the same multi-message flow to the destination virtual machine in a manner that bypasses the load balancer (acts 410 and 510). For instance, the destination hypervisor 321 may have been previously instructed to cause redirection to happen for any flow from any source virtual machine that arrives via the load balancer.
  • The host then provides the redirection instruction to the source host. However, as previously mentioned, there are two different embodiments described herein for providing this instruction. In the embodiment of FIG. 4, which describes the separate instruction approach, the instruction is provided out-of-band from any response to the source-side network message.
  • In the separate instruction approach, the source-side network message is passed to the destination virtual machine (act 411). In addition, the instruction message is dispatched from the destination host to the source host (act 412), which receives the instruction (act 413). Although the instruction message is shown as being dispatched (act 412) after the source-side network message is passed (act 411) to the destination virtual machine, there is no timing dependency between those two acts. The destination virtual machine receives the source-side network message (act 414), and if a response is to be generated, generates the response (act 415), and dispatches the destination-side network message (i.e., the response) to the source virtual machine (act 416). The source virtual machine then receives the response (act 417)
  • Returning to FIG. 5, and act 510, the destination host determines that the flow is to be redirected to bypass the load balancer. The destination host or hypervisor then modifies the source-side network message such that the destination address includes a routable device identifier that addresses the source virtual machine (act 511). For instance, FIG. 6A illustrates the source-side network message that was extracted from the augmented source-side network message received from the load balancer. FIG. 6C illustrates the source-side network message but in which the destination address changes from the virtual network address (VIPD) of the load balancer to the routable device identifier (DIPD) of the source virtual machine.
  • Referring to FIG. 5B, the source host then passes the modified source-side network message to the destination virtual machine (act 512), which receives the modified-source side network message (act 513). The destination virtual machine then generates a destination-side network message (act 514), which will be referred to hereinafter simply as “the response”. FIG. 6D illustrates an example response to the source-side network message of FIG. 6C. The source and destination addresses are reversed as is typical of any response. The destination address includes the routable device identifier (DIPS) that addresses the source virtual machine, and the source address is the routable device identifier (DIPD) that addresses the destination virtual machine.
  • The destination host accesses (act 515) and modifies the response (act 516) so that the source address includes the virtual network address that addresses the load balancer. FIG. 6E illustrates such a modified response. In this case, although not required, the original response is encapsulated with an addressing header which again specifies the routable device identifier (DIPS) as the destination address, but the virtual network address (VIPD) of the load balancer as the source address. The destination host then dispatches the augmented response to the source virtual machine (act 517).
  • The source host receives the augmented response (act 518), and extracts the original response from the response (act 519). For instance, in the case of the encapsulated response of FIG. 6E, the source host may decapsulate the response to obtain the originally generated response represented in FIG. 6D. The source host then modifies the original response so that the source address includes the destination virtual network address of the load balancer (act 520). The source host also notes the routable device identifier (e.g., DIPD) of the destination virtual machine for modification described hereinafter associated with subsequent source-side network messages. As an example, FIG. 6F illustrates a modified response. The source host then dispatches the response (act 521), which is received by the source virtual machine (act 522).
  • From the perspective of the source virtual machine, the source virtual machine issued a message to the virtual network address, and received a response from the virtual network address. In the background, the source host has been configured to redirect subsequent messages for the flow from the source host to bypass the load balancer.
  • In some embodiments, to facilitate the case where the source host is not capable of responding to an instruction to redirect subsequent flow messages, the destination host might also return a normal response to the original source-side network message that does not include an instruction. For instance, FIG. 6F again illustrates an example of such a response. Comparing to the original source-side network message of FIG. 6A, note that the source and destination addresses are reversed. Thus, even a source host that is not capable of responding to the instruction represented in FIG. 6E, will still recognize the response of FIG. 6F as being responsive. Thus, the principles described herein may be rolled out in a controlled fashion.
  • FIG. 7 illustrates a flowchart of a method 700 for delivering subsequent network messages associated with the same flow from the source virtual machine to the destination virtual machine. The method 700 may be performed for each subsequent network message. From the perspective of the source and destination virtual machines, the redirection is not apparent. The source virtual machine merely dispatch a second (or third, and so forth) source-side network message (act 701) that has a destination address that includes the destination virtual network address that addresses the load balancer, and that has a source address that includes a routable device identifier that addresses the source virtual machine. For instance, such a subsequent network message may be structured as described in FIG. 6A, and thus act 701 may be the same as acts 401 and 501 of FIGS. 4 and 5, respectively.
  • The source host then intercepts the subsequent source-side network message (act 702), and modifies the destination address of the network message so as to use the routable device identifier that addresses the destination virtual machine as a destination address. For instance, FIG. 6G illustrates the network message in which there has been an encapsulation of an additional addressing structure. In this case, the destination address remains the routable device identifier (DIPD) of the destination virtual machine, but the source address is modified to be the routable device identifier (DIPS) of the source virtual machine. This modified message is dispatched (act 703), and does not reach the load balancer (since the virtual network address VIPD is not in the controlling destination address field). But rather, the message arrives at the destination host (act 704). The destination host decapsulates the message to extract the original message issued by the source virtual machine (act 705), and passes that original message to the destination virtual machine (act 706). The load balancer played no role in this delivery.
  • The principles described herein allow for much of the flow messages associated with a flow to be routed directly to the destination virtual machine, thus making delivery more efficient. Furthermore, this is done while allowing load balancing to be decided by a load balancer early in the flow. Thus, load balancing may still be applied to the flow generally. Furthermore, if the load balancer were to malfunction, the flow may continue.
  • The present invention may be embodied in other specific forms without departing from its spirit or essential characteristics. The described embodiments are to be considered in all respects only as illustrative and not restrictive. The scope of the invention is, therefore, indicated by the appended claims rather than by the foregoing description. All changes which come within the meaning and range of equivalency of the claims are to be embraced within their scope.

Claims (20)

What is claimed is:
1. A computer program product comprising one or more computer-readable storage media having thereon computer-executable instructions that are structured such that, when executed by one or more processors of a destination intermediary that serves a destination machine engaged in a multi-message flow from a source machine served by a source intermediary, causes the destination intermediary to perform a method for redirecting the multi-message flow so as to bypass a load balancer used in one or more previous network messages associated with the multi-message flow, the method performed in response to the destination intermediary receiving a network message belonging to the multi-message flow from the load balancer, the method comprising:
an act of determining that the source intermediary is to address subsequent network messages originated from the source machine and associated with the same multi-message flow to the destination machine in a manner that bypasses the load balancer;
an act of instructing the source intermediary to address subsequent network messages from the source machine and associated with the same multi-message flow to the destination machine in the manner that bypasses the load balancer.
2. The computer program product in accordance with claim 1, wherein the act of instructing the source intermediary comprises:
an act of accessing the network message having a source address that includes a routable device identifier that addresses the source machine, and a destination address that includes a virtual network address of the load balancer.
3. The computer program product in accordance with claim 2, wherein the virtual network address is a virtual IP address that is load balanced across a plurality of destinations.
4. The computer program product in accordance with claim 2, wherein the act of instructing the source intermediary comprises:
an act of modifying the network message such that the destination address includes a routable device identifier that addresses the destination machine; and
an act of passing the modified network message to the destination machine.
5. The computer program product in accordance with claim 4, wherein the act of instructing the source intermediary comprises the following in response to the destination intermediary accessing a destination-side network message from the destination machine that is a response to the modified network message:
an act of modifying the destination-side network message so that the source address includes a routable device identifier that addresses the load balancer; and
an act of dispatching the modified destination-side network message to the source machine.
6. The computer program product in accordance with claim 5, wherein the act of modifying the destination-side network message comprises an act of encapsulating the destination-side network message.
7. The computer program product in accordance with claim 5, the method further comprising:
an act of the destination host dispatching a separate destination-side network message to the source intermediary, the separate destination-side network message being in response to the network message received from the load balancer, and representing the instruction to the source intermediary to address subsequent network messages from the source machine and associated with the same multi-message flow to the destination machine in the manner that bypasses the load balancer.
8. The computer program product in accordance with claim 1, wherein the act of instructing the source intermediary to address subsequent network messages from the source machine and associated with the same multi-message flow to the destination machine in the manner that bypasses the load balancer comprises encapsulation of the messages to the destination intermediary:
9. The computer program product in accordance with claim 1, wherein the multi-message flow is at an application level.
10. The computer program product in accordance with claim 1, wherein the multi-message flow is at a network level.
11. A method of a source machine on a source intermediary communicating a multi-message flow to a destination machine on a destination intermediary, the method comprising:
an act of the source machine dispatching a source-side network message that has a destination address that includes a destination virtual network address that is routed via a load balancer that distributes network messages addressed to the virtual network address to one of multiple machines associated with the virtual network address, wherein the destination machine is one of the multiple machines associated with the virtual network address, the source-side network message having a source address that includes a routable device identifier that addresses the source machine; and
an act of the source intermediary receiving a subsequent destination-side network message that is interpretable by the source intermediary as instructing the source intermediary to dispatch subsequent network messages related to the same flow as the source-side network message to a routable device identifier that addresses the destination machine.
12. The method in accordance with claim 11, wherein the subsequent destination-side network message has a source address that includes the routable device identifier that addresses the destination machine, and a destination address that includes the routable device identifier that addresses the source machine.
13. The method in accordance with claim 12, wherein the act of receiving the subsequent destination-side network message comprises:
an act of creating an encapsulated destination-side network message that encapsulates the subsequent destination-side network message with encapsulating address information, the encapsulated address information including a source address that includes the virtual network address that addresses the load balancer; and
an act of the source intermediary decapsulating the encapsulated destination-side network message and interpreting the encapsulated message as instruction to modify subsequent source-side network messages related to the same flow.
14. The method in accordance with claim 11, further comprising:
an act of the source intermediary modifying the subsequent destination-side network message so that the source address includes the destination virtual network address of the load balancer.
15. The method in accordance with claim 11, the source-side network message being a first source-side network message, the method further comprising:
an act of the source machine dispatching a second source-side network message that has a destination address that includes the destination virtual network address that addresses the load balancer, and that has a source address that includes a routable device identifier that addresses the source machine.
16. The method in accordance with claim 15, further comprising:
an act of the source intermediary intercepting the second source-side network message;
an act of the source intermediary modifying the second source-side network message so as to use the routable device identifier that addresses the destination machine as a destination address; and
an act of the source intermediary dispatching the modified second source-side network message towards the destination machine in a manner that bypasses the load balancer.
17. The method in accordance with claim 16, wherein the modification of the second network message at the source intermediary comprises message encapsulation.
18. The method in accordance with claim 13, wherein the act of source intermediary accepting the encapsulated message includes verifying the identity of the message sender and rejecting the message if the identity cannot be verified.
19. The method in accordance with claim 18, wherein the act of verifying the identity of the sender comprises verifying that the message contains data from the first source-side message
20. A distributed system comprising:
a source host that host a source virtual machine for a particular multi-message flow and that has a source hypervisor, the source virtual machine being addressable by a source device unique identifier;
a destination host that hosts a destination virtual machine for the particular multi-message flow and that has a destination hypervisor, the destination virtual machine being addressable by a destination device unique identifier; and
a load balancer addressable by a virtual network address, the load balancer configured to distribute network messages addressed to the virtual network address to one of multiple virtual machines, including the destination virtual machine, associated with the virtual network address;
wherein the source hypervisor is configured to perform the following in response to accessing a first source-side network message associated with the message flow, the first source-side network message having a destination address that includes the virtual network address that addresses the load balancer, and having a source address that includes a routable device identifier that addresses the source virtual machine: an act of the source host dispatching the first source-side network message,
wherein the source hypervisor is configured to perform the following in response to 1) the source host receiving a subsequent destination-side network message that is interpretable by the source host as instructing the source host to dispatch subsequent network messages related to the same flow as the first source-side network message to a routable device identifier that addresses the destination virtual machine, and 2) the source hypervisor accessing a second source-side network message that has a destination address that includes the destination virtual network address that addresses the load balancer, and that has a source address that includes a routable device identifier that addresses the source virtual machine:
an act of the source host intercepting the second source-side network message;
an act of the source host modifying the second source-side network message so as to use the routable device identifier that addresses the destination virtual machine as a destination address; and
an act of the source host dispatching the modified second source-side network message towards the destination virtual machine in a manner that bypasses the load balancer.
US13/652,718 2012-10-16 2012-10-16 Load balancer bypass Active 2033-08-05 US9246998B2 (en)

Priority Applications (6)

Application Number Priority Date Filing Date Title
US13/652,718 US9246998B2 (en) 2012-10-16 2012-10-16 Load balancer bypass
EP13785712.4A EP2909999B1 (en) 2012-10-16 2013-10-16 Load balancer bypass
BR112015007738-2A BR112015007738B1 (en) 2012-10-16 2013-10-16 Method for load balancer bypass
CN201380054147.2A CN104756466B (en) 2012-10-16 2013-10-16 Load balancer bypasses method and system
PCT/US2013/065159 WO2014062752A1 (en) 2012-10-16 2013-10-16 Load balancer bypass
US14/972,951 US9826033B2 (en) 2012-10-16 2015-12-17 Load balancer bypass

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US13/652,718 US9246998B2 (en) 2012-10-16 2012-10-16 Load balancer bypass

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US14/972,951 Continuation US9826033B2 (en) 2012-10-16 2015-12-17 Load balancer bypass

Publications (2)

Publication Number Publication Date
US20140108655A1 true US20140108655A1 (en) 2014-04-17
US9246998B2 US9246998B2 (en) 2016-01-26

Family

ID=49515490

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/652,718 Active 2033-08-05 US9246998B2 (en) 2012-10-16 2012-10-16 Load balancer bypass
US14/972,951 Active US9826033B2 (en) 2012-10-16 2015-12-17 Load balancer bypass

Family Applications After (1)

Application Number Title Priority Date Filing Date
US14/972,951 Active US9826033B2 (en) 2012-10-16 2015-12-17 Load balancer bypass

Country Status (5)

Country Link
US (2) US9246998B2 (en)
EP (1) EP2909999B1 (en)
CN (1) CN104756466B (en)
BR (1) BR112015007738B1 (en)
WO (1) WO2014062752A1 (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140280969A1 (en) * 2013-03-15 2014-09-18 Conrad N. Wood Load Balancer and Related Techniques
US9361171B2 (en) 2014-03-07 2016-06-07 ProfitBricks, Inc. Systems and methods for storage of data in a virtual storage device
US9454314B2 (en) 2014-03-07 2016-09-27 ProfitBricks, Inc. Systems and methods for creating an image of a virtual storage device
US9667739B2 (en) 2011-02-07 2017-05-30 Microsoft Technology Licensing, Llc Proxy-based cache content distribution and affinity
US9826033B2 (en) 2012-10-16 2017-11-21 Microsoft Technology Licensing, Llc Load balancer bypass
US20180241809A1 (en) * 2017-02-21 2018-08-23 Microsoft Technology Licensing, Llc Load balancing in distributed computing systems
US20190166050A1 (en) * 2017-11-30 2019-05-30 Juniper Networks, Inc. Optimizing fabric path forwarding for virtual nodes within an electronic device
CN109937401A (en) * 2016-11-15 2019-06-25 微软技术许可有限责任公司 Via the real-time migration for the load balancing virtual machine that business bypass carries out
US11106482B2 (en) 2019-05-31 2021-08-31 Microsoft Technology Licensing, Llc Connectivity migration in a virtual execution system

Families Citing this family (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9935834B1 (en) 2015-03-13 2018-04-03 Cisco Technology, Inc. Automated configuration of virtual port channels
US10110668B1 (en) 2015-03-31 2018-10-23 Cisco Technology, Inc. System and method for monitoring service nodes
US9954783B1 (en) 2015-03-31 2018-04-24 Cisco Technology, Inc. System and method for minimizing disruption from failed service nodes
US9985894B1 (en) * 2015-04-01 2018-05-29 Cisco Technology, Inc. Exclude filter for load balancing switch
US10079725B1 (en) 2015-04-01 2018-09-18 Cisco Technology, Inc. Route map policies for network switches
US10103995B1 (en) 2015-04-01 2018-10-16 Cisco Technology, Inc. System and method for automated policy-based routing
US10033631B1 (en) 2015-04-23 2018-07-24 Cisco Technology, Inc. Route distribution for service appliances
US10075377B1 (en) 2015-04-23 2018-09-11 Cisco Technology, Inc. Statistical collection in a network switch natively configured as a load balancer
US9935882B2 (en) 2015-05-13 2018-04-03 Cisco Technology, Inc. Configuration of network elements for automated policy-based routing
US10404788B2 (en) * 2016-06-30 2019-09-03 Alibaba Group Holding Limited Express route transmissions between virtual machines and cloud service computing devices
US10419330B2 (en) 2016-07-21 2019-09-17 Alibaba Group Holding Limited Express route transmissions between virtual machines and cloud service computing devices
US20180054475A1 (en) * 2016-08-16 2018-02-22 Microsoft Technology Licensing, Llc Load balancing system and method for cloud-based network appliances
US10848432B2 (en) 2016-12-18 2020-11-24 Cisco Technology, Inc. Switch fabric based load balancing
US10965598B1 (en) 2017-10-04 2021-03-30 Cisco Technology, Inc. Load balancing in a service chain
US10965596B2 (en) 2017-10-04 2021-03-30 Cisco Technology, Inc. Hybrid services insertion
US11082312B2 (en) 2017-10-04 2021-08-03 Cisco Technology, Inc. Service chaining segmentation analytics
US10581962B2 (en) * 2017-11-01 2020-03-03 Alibaba Group Holding Limited Direct communication between physical server and storage service
CN108809985B (en) * 2018-06-13 2021-01-26 山东云科汉威软件有限公司 Mobile platform system
US11102114B2 (en) 2018-12-28 2021-08-24 Alibaba Group Holding Limited Method, apparatus, and computer-readable storage medium for network optimization for accessing cloud service from on-premises network

Citations (60)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5251205A (en) * 1990-09-04 1993-10-05 Digital Equipment Corporation Multiple protocol routing
US5774660A (en) * 1996-08-05 1998-06-30 Resonate, Inc. World-wide-web server with delayed resource-binding for resource-based load balancing on a distributed resource multi-node network
US5892903A (en) * 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US6249801B1 (en) * 1998-07-15 2001-06-19 Radware Ltd. Load balancing
US20020059429A1 (en) * 1999-01-20 2002-05-16 Geoffrey C. Carpenter Client-side method and apparatus for improving the availability and performance of network mediated services
US20020078174A1 (en) * 2000-10-26 2002-06-20 Sim Siew Yong Method and apparatus for automatically adapting a node in a network
US6470389B1 (en) * 1997-03-14 2002-10-22 Lucent Technologies Inc. Hosting a network service on a cluster of servers using a single-address image
US6496505B2 (en) * 1998-12-11 2002-12-17 Lucent Technologies Inc. Packet tunneling optimization to wireless devices accessing packet-based wired networks
US20030026410A1 (en) * 2000-12-14 2003-02-06 Lumsden John E. Distributed redirect server
US20030056002A1 (en) * 2001-09-18 2003-03-20 Trethewey James R. Load balancing and fault tolerance for server-based software applications
US6587431B1 (en) * 1998-12-18 2003-07-01 Nortel Networks Limited Supertrunking for packet switching
US6671259B1 (en) * 1999-03-30 2003-12-30 Fujitsu Limited Method and system for wide area network load balancing
US20040030765A1 (en) * 2002-08-12 2004-02-12 Zilbershtein Itai Ephraim Local network natification
US6742044B1 (en) * 2000-05-10 2004-05-25 Cisco Technology, Inc. Distributed network traffic load balancing technique implemented without gateway router
US6779017B1 (en) * 1999-04-29 2004-08-17 International Business Machines Corporation Method and system for dispatching client sessions within a cluster of servers connected to the world wide web
US20040260745A1 (en) * 2003-06-18 2004-12-23 Gage Christopher A. S. Load balancer performance using affinity modification
US6871347B2 (en) * 2001-04-13 2005-03-22 Interland, Inc. Method and apparatus for facilitating load balancing across name servers
US20050188065A1 (en) * 2002-07-10 2005-08-25 Cisco Technology, Inc. System and method for communicating in a loadbalancing environment
US6981056B1 (en) * 2000-06-28 2005-12-27 Cisco Technology, Inc. Wide area load balancing of web traffic
US7039709B1 (en) * 2000-05-31 2006-05-02 International Business Machines Corporation Dynamically selection of most efficient transmission medium and route from a client browser
US7089328B1 (en) * 2000-12-29 2006-08-08 Cisco Technology, Inc. Method allocation scheme for maintaining server load balancers services in a high throughput environment
US7191235B1 (en) * 2002-11-26 2007-03-13 Cisco Technology, Inc. System and method for communicating data in a loadbalancing environment
US7292571B2 (en) * 2001-04-30 2007-11-06 Aol Llc, A Delaware Limited Liability Company Load balancing with direct terminal response
US20070283023A1 (en) * 2006-05-30 2007-12-06 Riverbed Technology, Inc. Selecting proxies from among autodiscovered proxies
US7324512B2 (en) * 2003-06-12 2008-01-29 International Business Machines Corporation MAC layer bridging of network frames between isolated and external networks
US7383327B1 (en) * 2007-10-11 2008-06-03 Swsoft Holdings, Ltd. Management of virtual and physical servers using graphic control panels
US20080313318A1 (en) * 2007-06-18 2008-12-18 Vermeulen Allan H Providing enhanced data retrieval from remote locations
US7478173B1 (en) * 2003-12-18 2009-01-13 Wmware, Inc. Method and system for sharing a network connection in a virtual computer system
US7567504B2 (en) * 2003-06-30 2009-07-28 Microsoft Corporation Network load balancing with traffic routing
US20090276607A1 (en) * 2008-04-30 2009-11-05 Bonola Thomas J Virtualization platform with dedicated cache access
US20100185817A1 (en) * 2009-01-20 2010-07-22 Oracle International Corporation Methods and Systems for Implementing Transcendent Page Caching
US20100257263A1 (en) * 2009-04-01 2010-10-07 Nicira Networks, Inc. Method and apparatus for implementing and managing virtual switches
US20100274890A1 (en) * 2009-04-28 2010-10-28 Patel Alpesh S Methods and apparatus to get feedback information in virtual environment for server load balancing
US7831661B2 (en) * 2008-12-18 2010-11-09 Vmware, Inc. Measuring client interactive performance using a display channel
US20100302940A1 (en) * 2009-05-28 2010-12-02 Microsoft Corporation Load balancing across layer-2 domains
US20100318609A1 (en) * 2009-06-15 2010-12-16 Microsoft Corporation Bridging enterprise networks into cloud
US20110019531A1 (en) * 2009-07-22 2011-01-27 Yongbum Kim Method and system for fault tolerance and resilience for virtualized machines in a network
US20110023114A1 (en) * 2009-07-22 2011-01-27 Wael William Diab Method and System For Traffic Management Via Virtual Machine Migration
US20110023029A1 (en) * 2009-07-22 2011-01-27 Wael Diab Method and system for abstracting virtual machines in a network
US7886076B2 (en) * 2005-01-12 2011-02-08 International Business Machines Corporation Bypassing routing stacks using mobile internet protocol
US7937438B1 (en) * 2009-12-07 2011-05-03 Amazon Technologies, Inc. Using virtual networking devices to manage external connections
US20110225231A1 (en) * 2010-03-15 2011-09-15 Microsoft Corporation Direct addressability and direct server return
US20110222535A1 (en) * 2006-08-03 2011-09-15 Josephine Suganthi Systems and Methods for Routing VPN Traffic Around Network Distribution
US8031713B2 (en) * 2008-01-29 2011-10-04 International Business Machines Corporation General multi-link interface for networking environments
US20110276695A1 (en) * 2010-05-06 2011-11-10 Juliano Maldaner Continuous upgrading of computers in a load balanced environment
US20110317554A1 (en) * 2010-06-28 2011-12-29 Microsoft Corporation Distributed and Scalable Network Address Translation
US8201237B1 (en) * 2008-12-10 2012-06-12 Amazon Technologies, Inc. Establishing secure remote access to private computer networks
US20120303809A1 (en) * 2011-05-25 2012-11-29 Microsoft Corporation Offloading load balancing packet modification
US8429294B2 (en) * 2005-09-19 2013-04-23 Panasonic Corporation Enabling simultaneous use of home network and foreign network by a multihomed mobile node
US8493851B2 (en) * 2010-05-07 2013-07-23 Broadcom Corporation Method and system for offloading tunnel packet processing in cloud computing
US8504556B1 (en) * 2010-03-08 2013-08-06 Amazon Technologies, Inc. System and method for diminishing workload imbalance across multiple database systems
US8533343B1 (en) * 2011-01-13 2013-09-10 Google Inc. Virtual network pairs
US8611349B1 (en) * 2010-06-28 2013-12-17 Amazon Technologies, Inc. Methods and apparatus for internet-scale routing using small-scale border routers
US20140019602A1 (en) * 2012-07-12 2014-01-16 Microsoft Corporation Load balancing for single-address tenants
US20140095649A1 (en) * 2011-02-07 2014-04-03 Microsoft Corporation Proxy-based cache content distribution and affinity
US20140115135A1 (en) * 2012-10-22 2014-04-24 Telefonaktiebolaget L M Ericsson (Publ) Method and system of frame based identifier locator network protocol (ilnp) load balancing and routing
US20140149794A1 (en) * 2011-12-07 2014-05-29 Sachin Shetty System and method of implementing an object storage infrastructure for cloud-based services
US8751691B1 (en) * 2011-03-23 2014-06-10 Amazon Technologies, Inc. Methods and apparatus for remapping public network addresses on a network to an external network via an intermediate network
US8819280B1 (en) * 2004-10-29 2014-08-26 Akamai Technologies, Inc. Network traffic load balancing system using IPV6 mobility headers
US8954595B2 (en) * 2004-12-30 2015-02-10 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP buffering

Family Cites Families (103)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5305389A (en) 1991-08-30 1994-04-19 Digital Equipment Corporation Predictive cache system
US5371852A (en) 1992-10-14 1994-12-06 International Business Machines Corporation Method and apparatus for making a cluster of computers appear as a single host on a network
US5793763A (en) 1995-11-03 1998-08-11 Cisco Technology, Inc. Security system for network address translation systems
US5935207A (en) 1996-06-03 1999-08-10 Webtv Networks, Inc. Method and apparatus for providing remote site administrators with user hits on mirrored web sites
US5924116A (en) 1997-04-02 1999-07-13 International Business Machines Corporation Collaborative caching of a requested object by a lower level node as a function of the caching status of the object at a higher level node
US6351775B1 (en) 1997-05-30 2002-02-26 International Business Machines Corporation Loading balancing across servers in a computer network
US6434620B1 (en) 1998-08-27 2002-08-13 Alacritech, Inc. TCP/IP offload network interface device
US6070191A (en) 1997-10-17 2000-05-30 Lucent Technologies Inc. Data distribution techniques for load-balanced fault-tolerant web access
US6427187B2 (en) 1998-07-31 2002-07-30 Cache Flow, Inc. Multiple cache communication
US6438652B1 (en) 1998-10-09 2002-08-20 International Business Machines Corporation Load balancing cooperating cache servers by shifting forwarded request
US6490615B1 (en) 1998-11-20 2002-12-03 International Business Machines Corporation Scalable cache
US6952401B1 (en) 1999-03-17 2005-10-04 Broadcom Corporation Method for load balancing in a network switch
US7299294B1 (en) 1999-11-10 2007-11-20 Emc Corporation Distributed traffic controller for network data
AU4839300A (en) 1999-05-11 2000-11-21 Webvan Group, Inc. Electronic commerce enabled delivery system and method
US6970913B1 (en) 1999-07-02 2005-11-29 Cisco Technology, Inc. Load balancing using distributed forwarding agents with application based feedback for different virtual machines
US6704278B1 (en) 1999-07-02 2004-03-09 Cisco Technology, Inc. Stateful failover of service managers
US20010034752A1 (en) 2000-01-26 2001-10-25 Prompt2U Inc. Method and system for symmetrically distributed adaptive matching of partners of mutual interest in a computer network
US8291007B2 (en) 2000-02-22 2012-10-16 Flash Networks Ltd System and method to accelerate client/server interactions using predictive requests
US7024466B2 (en) 2000-04-07 2006-04-04 Movielink, Llc Network configured for delivery of content for download to a recipient
US6615317B2 (en) 2000-07-07 2003-09-02 Fitech Laboratories, Inc. Methods and systems for providing a highly scalable synchronous data cache
US6732237B1 (en) 2000-08-29 2004-05-04 Oracle International Corporation Multi-tier caching system
US20020032755A1 (en) 2000-09-13 2002-03-14 Marc Abrahams Registration system and method using a back end server
US7272653B2 (en) 2000-09-28 2007-09-18 International Business Machines Corporation System and method for implementing a clustered load balancer
CN100525288C (en) * 2000-10-26 2009-08-05 普里斯梅迪亚网络有限公司 Method and apparatus for large payload distribution in network
US8112545B1 (en) 2000-12-19 2012-02-07 Rockstar Bidco, LP Distributed network address translation control
US7188145B2 (en) 2001-01-12 2007-03-06 Epicrealm Licensing Llc Method and system for dynamic distributed data caching
US6549997B2 (en) 2001-03-16 2003-04-15 Fujitsu Limited Dynamic variable page size translation of addresses
US8244864B1 (en) * 2001-03-20 2012-08-14 Microsoft Corporation Transparent migration of TCP based connections within a network load balancing system
US20020159437A1 (en) 2001-04-27 2002-10-31 Foster Michael S. Method and system for network configuration discovery in a network manager
US20030005080A1 (en) 2001-06-28 2003-01-02 Watkins James S. Systems and methods for accessing data
US7245632B2 (en) 2001-08-10 2007-07-17 Sun Microsystems, Inc. External storage for modular computer systems
EP1315349B1 (en) 2001-11-21 2008-03-19 Sun Microsystems, Inc. A method for integrating with load balancers in a client and server system
US7289525B2 (en) 2002-02-21 2007-10-30 Intel Corporation Inverse multiplexing of managed traffic flows over a multi-star network
US6856991B1 (en) 2002-03-19 2005-02-15 Cisco Technology, Inc. Method and apparatus for routing data to a load balanced server using MPLS packet labels
US7512702B1 (en) 2002-03-19 2009-03-31 Cisco Technology, Inc. Method and apparatus providing highly scalable server load balancing
US7133905B2 (en) 2002-04-09 2006-11-07 Akamai Technologies, Inc. Method and system for tiered distribution in a content delivery network
US7020706B2 (en) 2002-06-17 2006-03-28 Bmc Software, Inc. Method and system for automatically updating multiple servers
US7280557B1 (en) 2002-06-28 2007-10-09 Cisco Technology, Inc. Mechanisms for providing stateful NAT support in redundant and asymetric routing environments
US7328237B1 (en) * 2002-07-25 2008-02-05 Cisco Technology, Inc. Technique for improving load balancing of traffic in a data network using source-side related information
US7561587B2 (en) 2002-09-26 2009-07-14 Yhc Corporation Method and system for providing layer-4 switching technologies
US7616638B2 (en) 2003-07-29 2009-11-10 Orbital Data Corporation Wavefront detection and disambiguation of acknowledgments
US20080008202A1 (en) 2002-10-31 2008-01-10 Terrell William C Router with routing processors and methods for virtualization
US7243351B2 (en) 2002-12-17 2007-07-10 International Business Machines Corporation System and method for task scheduling based upon the classification value and probability
US7890633B2 (en) 2003-02-13 2011-02-15 Oracle America, Inc. System and method of extending virtual address resolution for mapping networks
US20040167981A1 (en) 2003-02-25 2004-08-26 Douglas Christopher Paul Method and system for monitoring relationships between content devices in a content delivery network
US7975043B2 (en) 2003-02-25 2011-07-05 Hewlett-Packard Development Company, L.P. Method and apparatus for monitoring a network
US7912954B1 (en) 2003-06-27 2011-03-22 Oesterreicher Richard T System and method for digital media server load balancing
US7606929B2 (en) 2003-06-30 2009-10-20 Microsoft Corporation Network load balancing with connection manipulation
US7636917B2 (en) 2003-06-30 2009-12-22 Microsoft Corporation Network load balancing with host status information
US7590736B2 (en) 2003-06-30 2009-09-15 Microsoft Corporation Flexible network load balancing
US7613822B2 (en) 2003-06-30 2009-11-03 Microsoft Corporation Network load balancing with session information
CN1839592A (en) * 2003-09-11 2006-09-27 富士通株式会社 Packet relay device
US9584360B2 (en) 2003-09-29 2017-02-28 Foundry Networks, Llc Global server load balancing support for private VIP addresses
US20050097185A1 (en) 2003-10-07 2005-05-05 Simon Gibson Localization link system
US8572249B2 (en) 2003-12-10 2013-10-29 Aventail Llc Network appliance for balancing load and platform services
US20050188055A1 (en) 2003-12-31 2005-08-25 Saletore Vikram A. Distributed and dynamic content replication for server cluster acceleration
US8689319B2 (en) 2004-04-19 2014-04-01 Sollitionary, Inc. Network security system
US7813263B2 (en) 2004-06-30 2010-10-12 Conexant Systems, Inc. Method and apparatus providing rapid end-to-end failover in a packet switched communications network
US7565423B1 (en) 2004-06-30 2009-07-21 Google Inc. System and method of accessing a document efficiently through multi-tier web caching
US20060294584A1 (en) 2005-06-22 2006-12-28 Netdevices, Inc. Auto-Configuration of Network Services Required to Support Operation of Dependent Network Services
EP1669864B1 (en) 2004-12-03 2010-06-02 STMicroelectronics Srl A process for managing virtual machines in a physical processing machine, corresponding processor system and computer program product therefor
US7334076B2 (en) 2005-03-08 2008-02-19 Microsoft Corporation Method and system for a guest physical address virtualization in a virtual machine environment
US7693050B2 (en) 2005-04-14 2010-04-06 Microsoft Corporation Stateless, affinity-preserving load balancing
US20070055789A1 (en) 2005-09-08 2007-03-08 Benoit Claise Method and apparatus for managing routing of data elements
US8392400B1 (en) 2005-12-29 2013-03-05 Amazon Technologies, Inc. Method and apparatus for stress management in a searchable data service
US7694011B2 (en) 2006-01-17 2010-04-06 Cisco Technology, Inc. Techniques for load balancing over a cluster of subscriber-aware application servers
US8274989B1 (en) 2006-03-31 2012-09-25 Rockstar Bidco, LP Point-to-multipoint (P2MP) resilience for GMPLS control of ethernet
US8005022B2 (en) 2006-07-20 2011-08-23 Oracle America, Inc. Host operating system bypass for packets destined for a virtual machine
US7730269B2 (en) 2006-08-29 2010-06-01 International Business Machines Corporation Load management to reduce communication signaling latency in a virtual machine environment
US20080201540A1 (en) 2007-02-16 2008-08-21 Ravi Sahita Preservation of integrity of data across a storage hierarchy
US7761664B2 (en) 2007-04-13 2010-07-20 International Business Machines Corporation Systems and methods for multi-level exclusive caching using hints
US7768907B2 (en) 2007-04-23 2010-08-03 International Business Machines Corporation System and method for improved Ethernet load balancing
US8561061B2 (en) 2007-05-14 2013-10-15 Vmware, Inc. Adaptive dynamic selection and application of multiple virtualization techniques
US20090063706A1 (en) 2007-08-30 2009-03-05 International Business Machines Corporation Combined Layer 2 Virtual MAC Address with Layer 3 IP Address Routing
US7697557B2 (en) 2007-12-26 2010-04-13 Alcatel Lucent Predictive caching content distribution network
JP4973560B2 (en) 2008-03-26 2012-07-11 富士通株式会社 Server and connection destination server switching control method
US8281363B1 (en) * 2008-03-31 2012-10-02 Symantec Corporation Methods and systems for enforcing network access control in a virtual environment
US9762692B2 (en) 2008-04-04 2017-09-12 Level 3 Communications, Llc Handling long-tail content in a content delivery network (CDN)
CN101631110B (en) 2008-07-15 2013-01-02 国际商业机器公司 Device and method for dynamically determining connection building mechanism based on relative position
US8128279B2 (en) 2008-07-16 2012-03-06 GM Global Technology Operations LLC Cloud point monitoring systems for determining a cloud point temperature of diesel fuel
US8180896B2 (en) 2008-08-06 2012-05-15 Edgecast Networks, Inc. Global load balancing on a content delivery network
US20100036903A1 (en) 2008-08-11 2010-02-11 Microsoft Corporation Distributed load balancer
JP2010061283A (en) 2008-09-02 2010-03-18 Fujitsu Ltd Load balancer setting program, load balancer setting method and load balancer setting apparatus
US7860100B2 (en) 2008-10-01 2010-12-28 Cisco Technology, Inc. Service path selection in a service network
US8433749B2 (en) 2009-04-15 2013-04-30 Accenture Global Services Limited Method and system for client-side scaling of web server farm architectures in a cloud data center
US8737407B2 (en) 2009-06-22 2014-05-27 Citrix Systems, Inc. Systems and methods for distributed hash table in multi-core system
US8533317B2 (en) 2009-06-22 2013-09-10 Citrix Systems, Inc. Systems and methods for monitor distribution in a multi-core system
JP5338555B2 (en) 2009-08-11 2013-11-13 富士通株式会社 Load distribution apparatus, load distribution method, and load distribution program
US8645508B1 (en) 2010-03-03 2014-02-04 Amazon Technologies, Inc. Managing external communications for provided computer networks
CN101815033B (en) * 2010-03-12 2013-04-24 成都市华为赛门铁克科技有限公司 Method, device and system for load balancing
CN102907055B (en) 2010-03-26 2015-06-17 思杰系统有限公司 Systems and methods for link load balancing on multi-core device
US8619584B2 (en) 2010-04-30 2013-12-31 Cisco Technology, Inc. Load balancing over DCE multipath ECMP links for HPC and FCoE
US8547835B2 (en) 2010-10-21 2013-10-01 Telefonaktiebolaget L M Ericsson (Publ) Controlling IP flows to bypass a packet data network gateway using multi-path transmission control protocol connections
US8755283B2 (en) 2010-12-17 2014-06-17 Microsoft Corporation Synchronizing state among load balancer components
US8402112B2 (en) 2011-01-14 2013-03-19 Microsoft Corporation Inter-cache communication using HTTP resource
US9191327B2 (en) 2011-02-10 2015-11-17 Varmour Networks, Inc. Distributed service processing of network gateways using virtual machines
US8676980B2 (en) 2011-03-22 2014-03-18 Cisco Technology, Inc. Distributed load balancer in a virtual machine environment
CN106850878B (en) 2011-08-17 2020-07-14 Nicira股份有限公司 Logical L3 routing
US20130159487A1 (en) 2011-12-14 2013-06-20 Microsoft Corporation Migration of Virtual IP Addresses in a Failover Cluster
CN102436401A (en) * 2011-12-16 2012-05-02 北京邮电大学 Load balancing system and method
US9083709B2 (en) 2012-05-11 2015-07-14 Cisco Technology, Inc. Virtual internet protocol migration and load balancing
US20140006681A1 (en) 2012-06-29 2014-01-02 Broadcom Corporation Memory management in a virtualization environment
US9246998B2 (en) 2012-10-16 2016-01-26 Microsoft Technology Licensing, Llc Load balancer bypass

Patent Citations (63)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5251205A (en) * 1990-09-04 1993-10-05 Digital Equipment Corporation Multiple protocol routing
US5774660A (en) * 1996-08-05 1998-06-30 Resonate, Inc. World-wide-web server with delayed resource-binding for resource-based load balancing on a distributed resource multi-node network
US5892903A (en) * 1996-09-12 1999-04-06 Internet Security Systems, Inc. Method and apparatus for detecting and identifying security vulnerabilities in an open network computer communication system
US6470389B1 (en) * 1997-03-14 2002-10-22 Lucent Technologies Inc. Hosting a network service on a cluster of servers using a single-address image
US6249801B1 (en) * 1998-07-15 2001-06-19 Radware Ltd. Load balancing
US6496505B2 (en) * 1998-12-11 2002-12-17 Lucent Technologies Inc. Packet tunneling optimization to wireless devices accessing packet-based wired networks
US6587431B1 (en) * 1998-12-18 2003-07-01 Nortel Networks Limited Supertrunking for packet switching
US20020059429A1 (en) * 1999-01-20 2002-05-16 Geoffrey C. Carpenter Client-side method and apparatus for improving the availability and performance of network mediated services
US6671259B1 (en) * 1999-03-30 2003-12-30 Fujitsu Limited Method and system for wide area network load balancing
US6779017B1 (en) * 1999-04-29 2004-08-17 International Business Machines Corporation Method and system for dispatching client sessions within a cluster of servers connected to the world wide web
US6742044B1 (en) * 2000-05-10 2004-05-25 Cisco Technology, Inc. Distributed network traffic load balancing technique implemented without gateway router
US7039709B1 (en) * 2000-05-31 2006-05-02 International Business Machines Corporation Dynamically selection of most efficient transmission medium and route from a client browser
US6981056B1 (en) * 2000-06-28 2005-12-27 Cisco Technology, Inc. Wide area load balancing of web traffic
US20030031176A1 (en) * 2000-10-26 2003-02-13 Sim Siew Yong Method and apparatus for distributing large payload file to a plurality of storage devices in a network
US20020078174A1 (en) * 2000-10-26 2002-06-20 Sim Siew Yong Method and apparatus for automatically adapting a node in a network
US20030026410A1 (en) * 2000-12-14 2003-02-06 Lumsden John E. Distributed redirect server
US7089328B1 (en) * 2000-12-29 2006-08-08 Cisco Technology, Inc. Method allocation scheme for maintaining server load balancers services in a high throughput environment
US6871347B2 (en) * 2001-04-13 2005-03-22 Interland, Inc. Method and apparatus for facilitating load balancing across name servers
US7292571B2 (en) * 2001-04-30 2007-11-06 Aol Llc, A Delaware Limited Liability Company Load balancing with direct terminal response
US20030056002A1 (en) * 2001-09-18 2003-03-20 Trethewey James R. Load balancing and fault tolerance for server-based software applications
US20050188065A1 (en) * 2002-07-10 2005-08-25 Cisco Technology, Inc. System and method for communicating in a loadbalancing environment
US20040030765A1 (en) * 2002-08-12 2004-02-12 Zilbershtein Itai Ephraim Local network natification
US7191235B1 (en) * 2002-11-26 2007-03-13 Cisco Technology, Inc. System and method for communicating data in a loadbalancing environment
US7757005B2 (en) * 2003-06-12 2010-07-13 International Business Machines Corporation MAC layer bridging of network frames between isolated and external networks
US7324512B2 (en) * 2003-06-12 2008-01-29 International Business Machines Corporation MAC layer bridging of network frames between isolated and external networks
US20040260745A1 (en) * 2003-06-18 2004-12-23 Gage Christopher A. S. Load balancer performance using affinity modification
US7567504B2 (en) * 2003-06-30 2009-07-28 Microsoft Corporation Network load balancing with traffic routing
US7478173B1 (en) * 2003-12-18 2009-01-13 Wmware, Inc. Method and system for sharing a network connection in a virtual computer system
US8819280B1 (en) * 2004-10-29 2014-08-26 Akamai Technologies, Inc. Network traffic load balancing system using IPV6 mobility headers
US8954595B2 (en) * 2004-12-30 2015-02-10 Citrix Systems, Inc. Systems and methods for providing client-side accelerated access to remote applications via TCP buffering
US7886076B2 (en) * 2005-01-12 2011-02-08 International Business Machines Corporation Bypassing routing stacks using mobile internet protocol
US8429294B2 (en) * 2005-09-19 2013-04-23 Panasonic Corporation Enabling simultaneous use of home network and foreign network by a multihomed mobile node
US20070283023A1 (en) * 2006-05-30 2007-12-06 Riverbed Technology, Inc. Selecting proxies from among autodiscovered proxies
US20110222535A1 (en) * 2006-08-03 2011-09-15 Josephine Suganthi Systems and Methods for Routing VPN Traffic Around Network Distribution
US20080313318A1 (en) * 2007-06-18 2008-12-18 Vermeulen Allan H Providing enhanced data retrieval from remote locations
US7383327B1 (en) * 2007-10-11 2008-06-03 Swsoft Holdings, Ltd. Management of virtual and physical servers using graphic control panels
US8031713B2 (en) * 2008-01-29 2011-10-04 International Business Machines Corporation General multi-link interface for networking environments
US20090276607A1 (en) * 2008-04-30 2009-11-05 Bonola Thomas J Virtualization platform with dedicated cache access
US8201237B1 (en) * 2008-12-10 2012-06-12 Amazon Technologies, Inc. Establishing secure remote access to private computer networks
US7831661B2 (en) * 2008-12-18 2010-11-09 Vmware, Inc. Measuring client interactive performance using a display channel
US20100185817A1 (en) * 2009-01-20 2010-07-22 Oracle International Corporation Methods and Systems for Implementing Transcendent Page Caching
US20100257263A1 (en) * 2009-04-01 2010-10-07 Nicira Networks, Inc. Method and apparatus for implementing and managing virtual switches
US20100274890A1 (en) * 2009-04-28 2010-10-28 Patel Alpesh S Methods and apparatus to get feedback information in virtual environment for server load balancing
US20100302940A1 (en) * 2009-05-28 2010-12-02 Microsoft Corporation Load balancing across layer-2 domains
US8416692B2 (en) * 2009-05-28 2013-04-09 Microsoft Corporation Load balancing across layer-2 domains
US20100318609A1 (en) * 2009-06-15 2010-12-16 Microsoft Corporation Bridging enterprise networks into cloud
US20110023029A1 (en) * 2009-07-22 2011-01-27 Wael Diab Method and system for abstracting virtual machines in a network
US20110019531A1 (en) * 2009-07-22 2011-01-27 Yongbum Kim Method and system for fault tolerance and resilience for virtualized machines in a network
US20110023114A1 (en) * 2009-07-22 2011-01-27 Wael William Diab Method and System For Traffic Management Via Virtual Machine Migration
US7937438B1 (en) * 2009-12-07 2011-05-03 Amazon Technologies, Inc. Using virtual networking devices to manage external connections
US8504556B1 (en) * 2010-03-08 2013-08-06 Amazon Technologies, Inc. System and method for diminishing workload imbalance across multiple database systems
US20110225231A1 (en) * 2010-03-15 2011-09-15 Microsoft Corporation Direct addressability and direct server return
US20110276695A1 (en) * 2010-05-06 2011-11-10 Juliano Maldaner Continuous upgrading of computers in a load balanced environment
US8493851B2 (en) * 2010-05-07 2013-07-23 Broadcom Corporation Method and system for offloading tunnel packet processing in cloud computing
US8611349B1 (en) * 2010-06-28 2013-12-17 Amazon Technologies, Inc. Methods and apparatus for internet-scale routing using small-scale border routers
US20110317554A1 (en) * 2010-06-28 2011-12-29 Microsoft Corporation Distributed and Scalable Network Address Translation
US8533343B1 (en) * 2011-01-13 2013-09-10 Google Inc. Virtual network pairs
US20140095649A1 (en) * 2011-02-07 2014-04-03 Microsoft Corporation Proxy-based cache content distribution and affinity
US8751691B1 (en) * 2011-03-23 2014-06-10 Amazon Technologies, Inc. Methods and apparatus for remapping public network addresses on a network to an external network via an intermediate network
US20120303809A1 (en) * 2011-05-25 2012-11-29 Microsoft Corporation Offloading load balancing packet modification
US20140149794A1 (en) * 2011-12-07 2014-05-29 Sachin Shetty System and method of implementing an object storage infrastructure for cloud-based services
US20140019602A1 (en) * 2012-07-12 2014-01-16 Microsoft Corporation Load balancing for single-address tenants
US20140115135A1 (en) * 2012-10-22 2014-04-24 Telefonaktiebolaget L M Ericsson (Publ) Method and system of frame based identifier locator network protocol (ilnp) load balancing and routing

Cited By (16)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9667739B2 (en) 2011-02-07 2017-05-30 Microsoft Technology Licensing, Llc Proxy-based cache content distribution and affinity
US9826033B2 (en) 2012-10-16 2017-11-21 Microsoft Technology Licensing, Llc Load balancer bypass
US9253245B2 (en) * 2013-03-15 2016-02-02 Profitbricks Gmbh Load balancer and related techniques
US9888055B2 (en) 2013-03-15 2018-02-06 Profitbricks Gmbh Firewall for a virtual network and related techniques
US20140280969A1 (en) * 2013-03-15 2014-09-18 Conrad N. Wood Load Balancer and Related Techniques
US9361171B2 (en) 2014-03-07 2016-06-07 ProfitBricks, Inc. Systems and methods for storage of data in a virtual storage device
US9454314B2 (en) 2014-03-07 2016-09-27 ProfitBricks, Inc. Systems and methods for creating an image of a virtual storage device
US9785573B2 (en) 2014-03-07 2017-10-10 Profitbricks Gmbh Systems and methods for storage of data in a virtual storage device
CN109937401A (en) * 2016-11-15 2019-06-25 微软技术许可有限责任公司 Via the real-time migration for the load balancing virtual machine that business bypass carries out
US20180241809A1 (en) * 2017-02-21 2018-08-23 Microsoft Technology Licensing, Llc Load balancing in distributed computing systems
WO2018156421A1 (en) * 2017-02-21 2018-08-30 Microsoft Technology Licensing, Llc Load balancing in distributed computing systems
US10652320B2 (en) * 2017-02-21 2020-05-12 Microsoft Technology Licensing, Llc Load balancing in distributed computing systems
US11218537B2 (en) * 2017-02-21 2022-01-04 Microsoft Technology Licensing, Llc Load balancing in distributed computing systems
US20190166050A1 (en) * 2017-11-30 2019-05-30 Juniper Networks, Inc. Optimizing fabric path forwarding for virtual nodes within an electronic device
US10587517B2 (en) * 2017-11-30 2020-03-10 Juniper Networks, Inc. Optimizing fabric path forwarding for virtual nodes within an electronic device
US11106482B2 (en) 2019-05-31 2021-08-31 Microsoft Technology Licensing, Llc Connectivity migration in a virtual execution system

Also Published As

Publication number Publication date
WO2014062752A1 (en) 2014-04-24
US9826033B2 (en) 2017-11-21
US9246998B2 (en) 2016-01-26
CN104756466B (en) 2018-05-25
BR112015007738A2 (en) 2017-11-28
EP2909999B1 (en) 2019-11-20
EP2909999A1 (en) 2015-08-26
BR112015007738B1 (en) 2022-03-15
CN104756466A (en) 2015-07-01
US20160105499A1 (en) 2016-04-14

Similar Documents

Publication Publication Date Title
US9826033B2 (en) Load balancer bypass
KR101840904B1 (en) Virtualization gateway between virtualized and non-virtualized networks
US9354941B2 (en) Load balancing for single-address tenants
JP2018033135A (en) Method and system for processing dsr load balancing using loopback interface in virtual network environment
US11095716B2 (en) Data replication for a virtual networking system
US11765080B2 (en) Layer-2 networking span port in a virtualized cloud environment
EP3108365A1 (en) Methods, apparatuses, and computer program products for deploying and managing software containers
CN113950814B (en) Multi-point conference session through port multiplexing
US11777897B2 (en) Cloud infrastructure resources for connecting a service provider private network to a customer private network
US20240031282A1 (en) Layer-2 networking span port in a virtualized cloud environment
US20220353197A1 (en) Port addressing via packet header modification
US11811593B2 (en) Secure bi-directional network connectivity system between private networks
EP3369217B1 (en) Multiple gateway operation on single operating system
US10230642B1 (en) Intelligent data paths for a native load balancer
US20230396579A1 (en) Cloud infrastructure resources for connecting a service provider private network to a customer private network
US20240097973A1 (en) Secure bi-directional network connectivity system between private networks

Legal Events

Date Code Title Description
AS Assignment

Owner name: MICROSOFT CORPORATION, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KUMAR, HEMANT;PATEL, PARVEEN KUMAR;BANSAL, DEEPAK;SIGNING DATES FROM 20121012 TO 20121015;REEL/FRAME:029158/0166

AS Assignment

Owner name: MICROSOFT TECHNOLOGY LICENSING, LLC, WASHINGTON

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:MICROSOFT CORPORATION;REEL/FRAME:034544/0541

Effective date: 20141014

FEPP Fee payment procedure

Free format text: PAYOR NUMBER ASSIGNED (ORIGINAL EVENT CODE: ASPN); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 4

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 8TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1552); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment: 8